Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A server system that provides a multitenant service, the server system comprising: a first determination unit configured to determine whether a role allocated to a first tenant to which an executor that has instructed an execution of a function belongs and a role allocated to a second tenant that is a target of processing by the function are associated with each other; an allowance unit configured to, if it is determined by the first determination unit that the role allocated to the first tenant and the role allocated to the second tenant are associated with each other, allow the executor to execute the function; a second determination unit configured to, if it is determined by the first determination unit that the role allocated to the first tenant and the role allocated to the second tenant are not identical, determine whether the function is processable; and a third determination unit configured to, if it is determined by the second determination unit that the function is processable even if the role allocated to the first tenant and the role allocated to the second tenant are not identical, determine whether a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function, wherein, if it is determined by the third determination unit that a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function, the allowance unit allows the executor to execute the function with respect to the second tenant.
A server system for a multitenant service controls cross-tenant data access. It checks if the roles of the requesting tenant (executor) and the target tenant are related. If roles are related, access is allowed. If roles are different, it verifies if the requested function is generally permissible cross-tenant. Finally, it assesses if the relationship between the two tenants allows the function's execution. Only if all checks pass, is the executor allowed to execute the function on the target tenant's data. This ensures secure cross-tenant data access based on roles, function permissibility, and tenant relationships.
2. The server system according to claim 1 , further comprising: a setting unit configured to, during creation of a new tenant, set a master administrator for the new tenant; and a checking unit configured to, based on a setting content of the setting unit, check whether it is determined by the third determination unit that a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function, and whether a combination of a tenant ID and a master administrator ID of the new tenant designated by the executor is correct, wherein, if it is determined by the third determination unit that a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function and it is determined by the checking unit that the combination is correct, the allowance unit allows the executor to execute the function.
The server system described above also manages tenant creation. When a new tenant is created, a master administrator is set. The system then verifies two things: first, whether the relationship between the requesting tenant and the target tenant allows function execution as determined earlier; second, whether the provided tenant ID and master administrator ID combination for the new tenant are correct. Only if both conditions are true (the tenant relationship allows execution AND the admin ID is correct) does the system permit the executor to execute the function. This adds an extra layer of security during tenant creation for cross-tenant data access.
3. The server system according to claim 1 , further comprising: a storage unit configured to store authority information in which, regarding the function, the first tenant, the second tenant, and information indicating whether to allow processing of the function even if the first tenant and the second tenant are not identical are associated with one another, wherein the third determination unit determines, based on the authority information, whether a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function.
The server system described above utilizes a storage unit to store authority information. This information associates a function, a requesting tenant, a target tenant, and an allowance flag indicating whether cross-tenant processing is permitted. When determining whether a tenant relationship allows function execution, the system consults this authority information. The third determination unit uses the stored authority information to decide if the relationship between the two tenants permits execution of the function. This allows explicit configuration of which cross-tenant operations are allowed based on tenant relationships.
4. A control method executable in a server system that provides a multitenant service, the control method comprising: determining, by a first determination unit, whether a role allocated to a first tenant to which an executor that has instructed an execution of a function belongs and a role allocated to a second tenant that is a target of processing by the function are associated with each other; allowing, by an allowance unit configured to, if it is determined by the first determination unit that the role allocated to the first tenant and the role allocated to the second tenant are associated with each other, the executor to execute the function; determining, by a second determination unit configured to, if it is determined by the first determination unit that the role allocated to the first tenant and the role allocated to the second tenant are not identical, whether the function is processable; and determining, by a third determination unit configured to, if it is determined by the second determination unit that the function is processable even if the role allocated to the first tenant and the role allocated to the second tenant are not identical, whether a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function, wherein, if it is determined by the third determination unit that a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function, the allowance unit allows the executor to execute the function with respect to the second tenant.
A method for controlling data access in a multitenant server environment involves determining if the roles of the requesting tenant (executor) and target tenant are related. If related, function execution is allowed. If not, it checks if the function is generally processable cross-tenant. Subsequently, it determines if the relationship between the tenants permits execution. Only if all checks pass is the function executed on the target tenant's data. This method ensures secure cross-tenant data access based on roles, function permissibility, and tenant relationships.
5. The control method according to claim 4 , further comprising: setting, during creation of a new tenant, a master administrator for the new tenant; checking, based on a setting content of the master administrator, whether it is determined that a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function, and whether a combination of a tenant ID and a master administrator ID of the new tenant designated by the executor is correct; and allowing, if it is determined that a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function and it is determined that the combination is correct, the executor to execute the function.
The control method described above includes steps for new tenant setup. During tenant creation, a master administrator is defined. The method then verifies if the tenant relationship allows the function execution and if the tenant ID and designated master administrator ID are correct. The function is only allowed to be executed if the relationship is permissible AND the administrator ID is correct, thereby increasing security. This ensures only authorized actions can be performed regarding the new tenant.
6. The control method according to claim 4 , further comprising: storing authority information in which, regarding the function, the first tenant, the second tenant, and information indicating whether to allow processing of the function even if the first tenant and the second tenant are not identical are associated with one another; and determining, based on the authority information, whether a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function.
The control method described above also involves storing authority information which associates a function, requesting tenant, target tenant, and an allowance flag indicating whether cross-tenant processing is allowed. The method then uses this information to determine whether the relationship between the requesting and target tenants allows the execution of a given function. This enables a flexible configuration of allowed cross-tenant operations based on tenant relationships.
7. A computer-readable storage medium storing a program executable in a server system that provides a multitenant service, the program comprising: determining, by a first determination unit, whether a role allocated to a first tenant to which an executor that has instructed an execution of a function belongs and a role allocated to a second tenant that is a target of processing by the function are associated with each other; allowing, by an allowance unit configured to, if it is determined by the first determination unit that the role allocated to the first tenant and the role allocated to the second tenant are associated with each other, the executor to execute the function; determining, by a second determination unit configured to, if it is determined by the first determination unit that the role allocated to the first tenant and the role allocated to the second tenant are not identical, whether the function is processable; and determining, by a third determination unit configured to, if it is determined by the second determination unit that the function is processable even if the role allocated to the first tenant and the role allocated to the second tenant are not identical, whether a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function, wherein, if it is determined by the third determination unit that a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function, the allowance unit allows the executor to execute the function with respect to the second tenant.
A computer-readable storage medium stores a program to control data access in a multitenant server environment. The program determines if the roles of the requesting tenant (executor) and target tenant are related. If related, function execution is allowed. If not, it checks if the function is generally processable cross-tenant. Subsequently, it determines if the relationship between the tenants permits execution. Only if all checks pass is the function executed on the target tenant's data. This program ensures secure cross-tenant data access based on roles, function permissibility, and tenant relationships.
8. The computer-readable storage medium according to claim 7 , the program further comprising: setting, during creation of a new tenant, a master administrator for the new tenant; checking, based on a setting content of the master administrator, whether it is determined that a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function, and whether a combination of a tenant ID and a master administrator ID of the new tenant designated by the executor is correct; and allowing, if it is determined that a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function and it is determined that the combination is correct, the executor to execute the function.
The computer-readable storage medium described above stores a program that includes steps for new tenant setup. During tenant creation, a master administrator is defined. The program then verifies if the tenant relationship allows the function execution and if the tenant ID and designated master administrator ID are correct. The function is only allowed to be executed if the relationship is permissible AND the administrator ID is correct, thereby increasing security during initial setup. This program ensures only authorized actions can be performed regarding the new tenant.
9. The computer-readable storage medium according to claim 7 , the program further comprising: storing authority information in which, regarding the function, the first tenant, the second tenant, and information indicating whether to allow processing of the function even if the first tenant and the second tenant are not identical are associated with one another; and determining, based on the authority information, whether a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function.
The computer-readable storage medium described above stores a program that involves storing authority information. This information associates a function, requesting tenant, target tenant, and an allowance flag indicating whether cross-tenant processing is allowed. The program then uses this information to determine whether the relationship between the requesting and target tenants allows the execution of a given function. This program enables a flexible configuration of allowed cross-tenant operations based on tenant relationships.
10. A system including a client and a server system that provides a multitenant service, the system comprising: a transmission unit configured to transmit an execution request, being issued by the client, of a function which is executed by an executer; a first determination unit configured to determine whether a role allocated to a first tenant to which the executor that has instructed an execution of the function belongs and a role allocated to a second tenant that is a target of processing by the function are associated with each other, in response to reception of the execution request; an allowance unit configured to, if it is determined by the first determination unit that the role allocated to the first tenant and the role allocated to the second tenant are associated with each other, allow the executor to execute the function; a second determination unit configured to, if it is determined by the first determination unit that the role allocated to the first tenant and the role allocated to the second tenant are not identical, determine whether the function is processable; and a third determination unit configured to, if it is determined by the second determination unit that the function is processable even if the role allocated to the first tenant and the role allocated to the second tenant are not identical, determine whether a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function, wherein, if it is determined by the third determination unit that a relationship between the first tenant and the second tenant is a relationship that allows an execution of the function, the allowance unit allows the executor to execute the function with respect to the second tenant.
A system includes a client and a server for a multitenant service to control cross-tenant data access requests issued by the client. The server checks if the roles of the requesting tenant (executor) and the target tenant are related. If roles are related, access is allowed. If roles are different, it verifies if the requested function is generally permissible cross-tenant. Finally, it assesses if the relationship between the two tenants allows the function's execution. Only if all checks pass, is the executor allowed to execute the function on the target tenant's data. The client transmits the function request to the server. The server enforces the cross-tenant access control policy.
Unknown
December 2, 2014
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.